As is well-known, customer data, research results, planning programs, product information, financial information, and so on data are crucial to an enterprise. Once these data are stolen, damaged or lost, the enterprise has to suffer from various consequences, such as huge losses and the decrease of reputation. A lot of numbers and statistics show that in the Web 2.0 era, enterprise data leakage problem is becoming more and more serious. At present, the business procedures and information processing of enterprise greatly depend on IT equipment. Internet is now staying in a stage of rapid development. As the general term of a new class of internet applications, Web 2.0 will have a great impact on people’s communication methods as well as ways of working. Meanwhile, various unprecedented risks will be brought as well. We believe no enterprise is willing to see such results, so the awareness of the avoiding of enterprise data leakage is very important. However, what are the main forms of enterprise data leakage? Here, we mainly divide enterprise data leakage into three forms: unintentional leakage, intentional leakage and malicious stealing.
Three main forms of enterprise data leakage In order to let readers have a better understanding of the three main forms of enterprise data leakage, we will introduce unintentional leakage, intentional leakage and malicious stealing one by one.
- Unintentional leakage: unintentional leakage refers to the phenomenon that enterprise employees may inadvertently leak out enterprise’ confidential information, such as customer data and financial information when they are using Web 2.0 applications like e-mails and instant messaging or visiting BBS, blogs and community sites. A survey of IDC shows that employees’ unintentional leakage is the problem that enterprise mostly concerns about. The reason is simple: employees’ unintentional leakage is impossible to prevent and hard to control.
- Intentional leakage: intentional leakage refers to the phenomenon that enterprise employees steal or transfer enterprise’s core confidential data by copying them into mobile storage devices like USB flash drive through the way of printing or sharing, and then use them for blackmail, selling or other malicious purposes. Similar to unintentional leakage, intentional leakage is hard to prevent. Moreover, intentional leakage often has a strong purpose and devastating influence, so it will have a quite far-reaching impact on enterprises.
- Malicious stealing: the main targets of malicious stealing are customer data and financial and fiscal information. The attackers will take advantage of computer virus, malicious code or network printer to steal enterprises’ core data for the purpose of gaining illegal profits. Malicious stealing often has a large attacking range and serious destructiveness, so it will bring great blow and losses to enterprises.
In current era where application technology is extremely deep and information technology is wide, how to own the highly reliable security guarantees of core and confidential data is an issue that enterprises need to deal with urgently.